The present invention relates to access control lists in software development, and more specifically, to role-based authorization for software products implementing a content space model.
Many software applications and software-intensive systems rely on an authorization model called an access control list (ACL). An ACL is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. Role-based authorization is used to determine, for a given function and user, and perhaps other parameters, whether or not the function is allowed. Typically, users are associated with (categorized by) Roles, which are associated with Permissions and/or Resources (or instances). In implementation, the ACL model typically has relatively few Roles (e.g., 10 or fewer), may have 1000s of Permissions, and can have 100s or 1000s of Resources. In this model, Permissions correspond to function. A product using role-based authorization typically ships a set of default Policies that define default Roles and relate these to Permissions and Resources.
One of the ongoing challenges in each product release is to ensure that the default Policies are appropriately updated for changes in the product: the addition, deletion or alteration of function, and relating these to Permissions, is a regular, per-release problem. As such, for a given product release, it has to be determined whether each Role has the correct list of Permissions, whether all the product functions and features are covered by the right Roles, whether the Resources are associated with the correct Roles, and the like.
Related to this determination is adequately testing, at reasonable cost, all the changes to the default Policies for each release. In addition, when products are refactored within the product portfolio, the previously separate security policies have to be integrated into a seamless, coherent whole, at reasonable cost and with a high degree of assurance that nothing has been missed.
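The per-release determination described above can be expressed as set comparisons between the default Policies and the content of the release. The following Python code is an added example, not part of the original disclosure; the `Policy` class, the `audit_policies` helper, and all Role, Permission and Resource names are constructed for illustration. It flags functions that no Role covers, Permissions still granted for functions no longer in the release, and Resources associated with no Role.

```python
# Added example: release-time audit of default Policies. All names are constructed.
from dataclasses import dataclass, field


@dataclass
class Policy:
    """Default Policy for one Role: the Permissions and Resources it grants."""
    role: str
    permissions: set = field(default_factory=set)
    resources: set = field(default_factory=set)


def audit_policies(policies, release_functions, release_resources):
    """Compare the shipped default Policies with what the release contains.

    release_functions: Permission names, one per product function in the release.
    release_resources: Resource names that exist in the release.
    """
    granted = set().union(*(p.permissions for p in policies))
    assigned = set().union(*(p.resources for p in policies))
    return {
        # Functions added this release that no Role can invoke.
        "uncovered_functions": sorted(release_functions - granted),
        # Permissions still granted for functions that were deleted or renamed.
        "stale_permissions": {
            p.role: sorted(p.permissions - release_functions)
            for p in policies if p.permissions - release_functions
        },
        # Resources that no Role is associated with.
        "unassigned_resources": sorted(release_resources - assigned),
    }


# Constructed sample: "vm.snapshot" is new, "vm.migrate" was removed this release.
RELEASE_FUNCTIONS = {"vm.create", "vm.delete", "vm.snapshot", "audit.read"}
RELEASE_RESOURCES = {"cluster-a", "cluster-b"}
DEFAULT_POLICIES = [
    Policy("Administrator",
           {"vm.create", "vm.delete", "vm.migrate", "audit.read"}, {"cluster-a"}),
    Policy("Auditor", {"audit.read"}, {"cluster-a"}),
]

if __name__ == "__main__":
    for finding, detail in audit_policies(
            DEFAULT_POLICIES, RELEASE_FUNCTIONS, RELEASE_RESOURCES).items():
        print(f"{finding}: {detail}")
```

Run as a release gate, a non-empty finding in any of the three categories marks a default Policy that was not updated for the release.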